SALES - FDCservers.net LLC wrote:
> Hello Will,
>
> I don`t know who the end customer is but the server is currently rented to
>
Zenex5ive | Formerly know as PixelFX Solutions who is our reseller.
> As you can see here
does FDC servers.net have a spider? - Web Hosting Talk - The largest, most influential web hosting community on the Internet
> there`ve been other that were affected by this activity, including some US
> government servers.
>
>
> Regards
> Petr
> FDCservers.net
>
> -----Original Message-----
> From: Will Bryant [mailto:
[email protected]]
> Sent: Saturday, May 06, 2006 10:32 PM
> To: SALES - FDCservers.net LLC
> Subject: Re: Spiders? DoS? Answers? Help?
>
> Thank you Petr. Both for the timely response, and the clarification in
> regards to your role. By odd coincidence, I was literally writing another
> email to you as yours came in, because the 'spider' activity continues
> today, albeit at a "clipped" pace of about 120 pages per minute.
>
> Thanks again for being so agreeable, available and understanding. If at any
> point you would like the whole logfile for those IP blocks (it's a little
> over 1.2MB uncompressed single-line text) and their activity on my machine,
> please don't hesitate to ask.
>
> As an aside, are you able to offer the operating name of the client whose
> customer is doing this?
>
> Either way, have a great weekend.
>
>
>
> SALES - FDCservers.net LLC wrote:
>
****Hello Will,
****
****
****FDCservers is a datacenter facility that houses roughly 2500. We are
****not engaged in hosting activity of any kind. We simply rent out server
****on high speed connection.
****It is our customer who do the actual hosting and they are required to
****complay with our terms of service and acceptable usage policy, listed
****at
http://www.fdcservers.net/tos.html and
****
http://www.fdcservers.net/aup.html
****
****The activity you reported has been caused by customer of our client
****who is supposedly running spiders to collect internet data. We have
****received bunch of complaints in regards to this activity in last 48
****hours and we sent our client a termination notice so they`ll cancel
****the person involved by monday
****
****
****Regards
****Petr
****FDCservers.net
****
****-----Original Message-----
****From: Will Bryant [mailto:
[email protected]]
****Sent: Friday, May 05, 2006 5:17 PM
****To: SALES - FDCservers.net LLC
****Cc:
[email protected]
****Subject: Re: Spiders? DoS? Answers? Help?
****
****I'm attaching a file that lists all the activity from the subnet I
****noticed (66.90.95.*). It may or may not represent all of the
****activity, I just did a quick grep of the subnet and day, if I get a
****chance, I'll have to look a the day as a whole and see if I can
****identify other sources. Certainly this has to be the bulk of it
****though. I haven't had an opportunity to really pour through this file
****yet, or have someone else do so, to determine if it was simply spiders
****gone wild (seems unlikely), or a true DoS attack -- but even with a
****cursory glance, it certainly does not present as typical activity even of
>
> spiders.
>
****I would definitely like to get your take before proceeding with any
****specific course of action.
****
****I do have to say that my Googling turns up quite a bit of information
****related to botnet-type attacks (something this smacks of), FDC, and
****even this specific block of IPs. I can also tell from my reading that
****you deal with a lot of different clients, who in some cases deal in
****turn with clients of their own -- so my suggestion isn't that you
****condone or enable such actions, but it's a troubling footnote to all of
>
> this nonetheless.
>
****In case you'd like to examine your own logs, the machine that received
****all this traffic is 140.99.102.195, to the buckeyeplanet.com domain.
****
****Anyway, looking forward to hearing back from you.
****
****
****
****
****SALES - FDCservers.net LLC wrote:
****
****
****>Hello,
****>
****>Can you please advise what IP address(es) were involved in this so we
****>can pass this info onto our customer
****>
****>
****>Regards
****>
****>FDCservers.net
****>
****>-----Original Message-----
****>From: Will Bryant [mailto:
[email protected]]
****>Sent: Friday, May 05, 2006 3:10 AM
****>To:
[email protected]
****>Subject: Spiders? DoS? Answers? Help?
****>
****>At a few different points today, there were between 400 and 500
****>different (but seeminly sequential) IPs from your company "browsing" a
****
****site I run.
****
****
****>Search engine 'spider' like behavior, but in over a decade of
****>development on the internet, I've never seen anything quite so
****>aggressive, and potentially destructive. I don't block spiders, never
****>have, and have no intention to -- their indexing of the net for
****>everyone from Google to Microsoft benefits all of us and makes the web
****>more a 'web' and less a lot of different islands on an immense
****>imaginary
****
****map.
****
****
****>But the behavior of "your" spiders is confusing and a little concerning.
****>
****>As they don't seem to be on the site (
BuckeyePlanet - Ohio State Fan Community) at
****>present, I write with more curiosity than concern. But today's action
****>could easily (and properly) be viewed as hostile and destructive. In
****>fact, it was initially perceived to be an attempt at a denial of
****>service
****
****attack.
****
****
****>We can identify spiders from all the 'majors', but yours came back
****>conspicuously free of any identifiers. Dead ends with reverse DNS,
****>not a well known block of IPs, so I'm hoping to find out exactly who
****>it is that's so intent on indexing the discussions of a bunch of
****>college
****
****athletics fans.
****
****
****>Looking forward to any information you can provide.
